Advisories ยป MGASA-2018-0115

Updated thunderbird packages fix security vulnerability

Publication date: 06 Feb 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2018-5095 , CVE-2018-5096 , CVE-2018-5097 , CVE-2018-5098 , CVE-2018-5099 , CVE-2018-5102 , CVE-2018-5103 , CVE-2018-5104 , CVE-2018-5117 , CVE-2018-5089

Description

Integer overflow in Skia library during edge builder allocation.
(CVE-2018-5095)

Use-after-free while editing form elements. (CVE-2018-5096)

Use-after-free when source document is manipulated during XSLT.
(CVE-2018-5097)

Use-after-free while manipulating form input elements. (CVE-2018-5098)

Use-after-free with widget listener. (CVE-2018-5099)

Use-after-free in HTML media elements. (CVE-2018-5102)

Use-after-free during mouse event handling. (CVE-2018-5103)

Use-after-free during font face manipulation. (CVE-2018-5104)

URL spoofing with right-to-left text aligned left-to-right.
(CVE-2018-5117)

Memory safety bugs fixed in Firefox 58, Firefox ESR 52.6, and Thunderbird
52.6. (CVE-2018-5089)
                

References

SRPMS

5/core

6/core